infrastructure/ansible
1
0
Fork 0
Code Pull requests 7 Activity Actions
40085 commits 9 branches 0 tags 110 MiB
Commit graph

40085 commits

This branch
This branch
All branches
Author SHA1 Message Date
Kevin Fenzi
0bb87a53e2 autosign: this should be autosign02 in prod now 
Just use the short inventory name here so it works in prod and stg.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-30 09:53:19 -08:00
Kevin Fenzi
c764d1ea86 autosign: adjust playbooks for prod 
We need to setup things in prod slightly differently, using keyctl.
Copy in the service and scripts.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-30 09:33:45 -08:00
Kevin Fenzi
d3222f83e9 new 2024 id.fedoraproject.org wildcard cert 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 18:42:22 -08:00
Kevin Fenzi
86e0e9e851 sign-vault02: not external 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 16:48:54 -08:00
Kevin Fenzi
0255f6c04d sign_vault02: cidr format here 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 16:45:51 -08:00
Kevin Fenzi
ba2c1c8f5d sign-vault02: Fix netmask 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 16:43:56 -08:00
Kevin Fenzi
0e45fcb6cd sign-vault02: eth1 is the interface to use here and correct ip address 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 16:42:05 -08:00
Kevin Fenzi
8f703a0f0e sign-vault02: also add to group in inventory 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 16:35:22 -08:00
Kevin Fenzi
eb9bad4c56 sign-vault02: add variables 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 16:34:02 -08:00
Pedro Moura
4ead1104a0 Planet: fix buildconfig identaion 
Signed-off-by: Pedro Moura <pmoura@redhat.com>
 2024-01-29 22:22:03 +00:00
Kevin Fenzi
33b2e114a6 bkernel01: also fix the address passed to the role 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 14:20:08 -08:00
Kevin Fenzi
8b82205393 bkernel01: new machine 
Adjust mac address for the new machine.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-29 13:33:09 -08:00
Pedro Moura
872bc7778c Planet: update secret reference 
Signed-off-by: Pedro Moura <pmoura@redhat.com>
 2024-01-29 20:49:03 +00:00
Pedro Moura
b8f2ed12bf Planet: add secret reference 
Signed-off-by: Pedro Moura <pmoura@redhat.com>
 2024-01-29 20:49:03 +00:00
Pedro Moura
5f7b2bab72 Planet: improve readability of deployment and buildconfig 
Signed-off-by: Pedro Moura <pmoura@redhat.com>
 2024-01-29 20:49:03 +00:00
Mattia Verga
d3ae9b2981 bodhi: another try to prevent stg logs from being unreadable 
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it>
 2024-01-29 09:26:08 +00:00
Mattia Verga
c2025d4833 bodhi: revert nullPool patch and apply timeout to queries 
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it>
 2024-01-28 15:25:14 +01:00
Kevin Fenzi
4b27b2774f postgresql_server: enable auto_explain and set to 30s 
This will log an explain for any query that takes more than 30s.
We likely will need to lower it to get the slow heavy queries that are
hitting koji's db.

This does require a restart, but after this we can change the min
duration with just a reload. If there are too many logs, we can set this
to -1 to never log.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-27 13:14:41 -08:00
Kevin Fenzi
1d953b4678 bodhi: apply nulldb patch to production as well. 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-27 09:58:35 -08:00
Mattia Verga
6ad94dfdc5 bodhi: prevent staging logs to be clogged by markdown debug msgs 
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it>
 2024-01-27 17:46:49 +00:00
Mattia Verga
c18ab47b69 bodhi: temporary patch to use NullPool for sqlalchemy engine 
Signed-off-by: Mattia Verga <mattia.verga@tiscali.it>
 2024-01-27 18:05:46 +01:00
Adam Williamson
862a070716 Give myself yet more people quota for uploading ISOs 
Now I need another ISO uploaded for kkoukiou to investigate
https://bugzilla.redhat.com/show_bug.cgi?id=2260395 .

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2024-01-26 08:42:28 -08:00
Kevin Fenzi
371e1c7636 also remove all these old 32bit vms 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-25 17:58:12 -08:00
Kevin Fenzi
abffa16aee also remove these bvmhosts from hardware 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-25 17:57:25 -08:00
Kevin Fenzi
ba7e2a8fd3 inventory: Drop 4 old emags that are about to be replaced 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-25 17:01:19 -08:00
Kevin Fenzi
d40369957d move global server back to ipa01 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-25 09:32:19 -08:00
Nick Bebout
d1c563acc2 Revert "Change the httpd proxy stuff to point to ipa02 also" 
This reverts commit 65cf67f584.
 2024-01-25 11:23:03 -06:00
Nick Bebout
b5d0a51ae9 Revert "Reapply "Change ipa01-backend to actually point to ipa02"" 
This reverts commit d28ebf8cb5.
 2024-01-25 11:23:03 -06:00
Michal Konecny
3ff1e073f8 [ipa/server] Set ipa02 as ipa_server 
Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-25 17:06:39 +01:00
Nick Bebout
65cf67f584 Change the httpd proxy stuff to point to ipa02 also 2024-01-25 09:06:44 -06:00
Nick Bebout
d28ebf8cb5 Reapply "Change ipa01-backend to actually point to ipa02" 
This reverts commit 7b71471851.
 2024-01-25 08:50:46 -06:00
Aurélien Bompard
3a964ed716
Fix noggin config 
Signed-off-by: Aurélien Bompard <aurelien@bompard.org>
 2024-01-25 15:28:18 +01:00
Michal Konecny
705970d409 [ipa/server] Update ipa02 to RHEL9 
Prepare variables for ipa02 upgrade.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-25 12:35:58 +01:00
Kevin Fenzi
5d24117ce8 proxies / ipa / ui: missing trailing / 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-24 15:27:01 -08:00
Kevin Fenzi
62279be3e5 proxies / ipa / ui: fix another typo 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-24 15:21:59 -08:00
Kevin Fenzi
ec09a8d302 proxies / ipa / ui: fix a typo 
Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-24 15:20:59 -08:00
Kevin Fenzi
3996374ea0 proxies / ipa / ui: try and edit the referrer for new ipa 
New ipa checks the referrer to avoid CSRF issues.
We need to have the proxy edit requests for the right internal hostname
for it to be able to work.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-24 15:19:14 -08:00
Kevin Fenzi
5c50f89d73 proxies: just stop exposing 8080 on proxies 
This is pretty harmless. It's the haproxy stats page, but
we get questions about it and people don't like that it's
there. There's also no reason to keep it open as we normally
access this via a proxy.

Signed-off-by: Kevin Fenzi <kevin@scrye.com>
 2024-01-24 14:32:28 -08:00
Nick Bebout
7b71471851 Revert "Change ipa01-backend to actually point to ipa02" 
This reverts commit b64524ec9a.
 2024-01-24 16:17:57 -06:00
Adam Williamson
560614b3c9 Give myself 5G quota on fedorapeople 
I need to upload a big Silverblue ISO for
https://github.com/fedora-silverblue/issue-tracker/issues/530 .

Signed-off-by: Adam Williamson <awilliam@redhat.com>
 2024-01-24 10:59:43 -08:00
Michal Konecny
cd3534157e [ipa/server] Update ipa01 to RHEL9 
Let's try to update ipa01 to RHEL9 and replace the broken ipa01 machine.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-24 14:59:46 +01:00
Leo Puvilland
172a57c0cf nagios: remove serviceackauthor from host notifications 
Signed-off-by: Leo Puvilland <leo@craftcat.dev>
 2024-01-24 03:34:52 +00:00
Ryan Lerch
1cb0c81048 [maubot] add python-gitlab dep 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2024-01-24 13:26:54 +10:00
Nick Bebout
b64524ec9a Change ipa01-backend to actually point to ipa02 2024-01-23 16:06:05 -06:00
Michal Konecny
4112c16c69 [server/ipa] Update number of CPU to 8 
It seems that 4 CPU are not enough to handle all the requests. This should solve that.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-23 22:30:57 +01:00
Michal Konecny
282ff5a51f [ipa/server] Prepare ipa03 for replication 
We currently only have ipa02 working, so we need to set it as replication host
for ipa03.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-23 22:25:05 +01:00
Ryan Lerch
83cb6df91e Add gitlab plugin to maubot image 
Signed-off-by: Ryan Lerch <rlerch@redhat.com>
 2024-01-23 10:17:01 +10:00
Michal Konecny
696edb4c3d [ipa/server] Restore the variable changes 
Let's restore variables to state before we caused the issue started happening on
IPA cluster.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-23 00:44:54 +01:00
Michal Konecny
ea1f8a14c1 [ipa/server] Restore ipa02 from scratch 
Let's try to resolve the ipa errors by doing the ipa02 installation from scratch.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-22 23:35:59 +01:00
Michal Konecny
51a2ab7e73 [ipa/server] Reinstall ipa03 from scratch 
This will create the ipa03 server from scratch.

Signed-off-by: Michal Konecny <mkonecny@redhat.com>
 2024-01-22 20:03:44 +00:00